Category Archives: Security

All four major browsers take a stomping at Pwn2Own hacking competition

The annual Pwn2Own hacking competition wrapped up its 2015 event in Vancouver with another banner year, paying $442,000 for 21 critical bugs in all four major browsers, as well as Windows, Adobe Flash, and Adobe Reader.

The crowning achievement came Thursday as contestant Jung Hoon Lee, aka lokihardt, demonstrated an exploit that felled both the stable and beta versions of Chrome, the Google-developed browser that's famously hard to compromise. His hack started with a buffer overflow race condition in Chrome. To allow that attack to break past anti-exploit mechanisms such as the sandbox and address space layout randomization, it also targeted an information leak and a race condition in two Windows kernel drivers, an impressive feat that allowed the exploit to achieve full System access.

"With all of this, lokihardt managed to get the single biggest payout of the competition, not to mention the single biggest payout in Pwn2Own history: $75,000 USD for the Chrome bug, an extra $25,000 for the privilege escalation to SYSTEM, and another $10,000 from Google for hitting the beta version for a grand total of $110,000," Pwn2Own organizers wrote in a blog post published Thursday. "To put it another way, lokihardt earned roughly $916 a second for his two-minute demonstration."

Read 2 remaining paragraphs | Comments

Windows 10 to make the Secure Boot alt-OS lock out a reality

Those of you with long memories will recall a barrage of complaints in the run up to Windows 8's launch that concerned the ability to install other operating systems—whether they be older versions of Windows, or alternatives such as Linux or FreeBSD—on hardware that sported a "Designed for Windows 8" logo.

To get that logo, hardware manufacturers had to fulfil a range of requirements for the systems they built, and one of those requirements had people worried. Windows 8 required machines to support a feature called UEFI Secure Boot. Secure Boot protects against that interferes with the boot process in order to inject itself into the operating system at a low level. When Secure Boot is enabled, the core components used to boot the machine must have correct cryptographic signatures, and the UEFI firmware verifies this before it lets the machine start. If any files have been tampered with, breaking their signature, the system won't boot.

This is a desirable security feature, but it has an issue for alternative operating systems: if, for example, you prefer to compile your own operating system, your boot files won't include a signature that Secure Boot will recognize and authorize, and so you won't be able to boot your PC.

Read 7 remaining paragraphs | Comments

Now you can put your keys in the cloud—your house keys

Earlier this year, a new type of mobile app blew the collective minds of many—including NBC News investigative reporter Jeff Rossen. Using the camera of a smartphone, these applications could scan a house key, allowing it to be duplicated remotely. Rossen warned America that it could allow someone to digitally steal your house keys if you left them unattended—by uploading photos and getting shipped a custom-cut copy. Of course, they could do the same thing with your house keys just by running with them to a nearby hardware store. But hackers!

One of the contenders in this market is called KeyMe. No one is going to shoulder surf your house key with KeyMe—it requires photos of a key placed on a white background, taken from 4 inches away. But KeyMe is doing something that will further boggle minds and will likely raise even more security concerns: using the app, you can store scanned copies of your keys on their server and download them at a kiosk. The company has been rolling out kiosks across the country and has just expanded its fleet after inking a deal to place them at the Lowe's home improvement chain. And you can also share your keys with others via e-mail, allowing them to make copies for themselves.

KeyMe supports "70 percent of car keys," according to the company (but not newer "smart" keys), as well as most house, office, padlock and mailbox keys—though the company won't make copies of keys marked "do not copy." This may be a little more secure than hiding a spare key under a rock. But if abused, it certainly has the potential to pose security risks not just to individuals, but to companies as well. KeyMe is offering one interesting security component at its kiosks, however—cutting a copy of a cloud-stored key requires a scan of a physical fingerprint.

Read 3 remaining paragraphs | Comments

XSSYA v2.0 Released – XSS Vulnerability Confirmation Tool

We first published about XSSYA back in 2014, and it seemed to be pretty popular, there’s not a whole lot of tools in the XSS (Cross Site Scripting) space. For those who are unfamiliar, XSSYA used to be Cross Site Scripting aka XSS Vulnerability Scanner & Confirmation tool – the scanning portion has been removed [...] The post...

Read the full post at

Copyright © 1995 - 2015. Kashif Ali.